IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Transparency is a core principle of the GDPR. Make sure people know they’re being recorded.

GDPR 110

GDPR Privacy Retail Personal data 110

OpenText Information Management

APRIL 4, 2018

On May 25, 2018, the new EU data privacy regulation, known as the General Data Protection Regulation (GDPR), comes into force. For … The post GDPR. Forget bitcoin, data is the new currency of retail appeared first on OpenText Blogs. Shortly after that the sky falls in and the world ends.

Retail 54

Retail GDPR Data Privacy Privacy 54

Thales Cloud Protection & Licensing

MARCH 14, 2024

Keeping Customer Data Safe: AI's Privacy Paradox andrew.gertz@t… Thu, 03/14/2024 - 17:38 AI's appeal lies in its ability to personalize and streamline customer experiences in ways previously unimaginable. Putting Personal Data at Risk The results were not all positive, however.

Privacy 71

Privacy Data Privacy Analytics Risk 71

Data Protection Report

JUNE 1, 2020

Many businesses are suffering serious financial difficulties as a result of COVID-19, particularly those in the retail, hospitality and tourism sectors. But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area.

Personal data 100

Personal data Sales Marketing GDPR 100

IT Governance

JANUARY 30, 2024

Data breached: 2 PB. Mobile network database breach exposes 750 million Indians’ personal data The Indian security company CloudSEK claims to have found the personal data of 750 million Indians for sale on an “underground forum”. Data breached: 750 million victims’ personal data.

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

Privacy and Cybersecurity Law

JULY 26, 2021

On July 5, 2021, the Italian supervisory authority (“ Garante ”) published an injunction against a company operating a food delivery app (“ Company ”) over the processing of riders’ personal data with respect to the use of algorithms for the management of the orders. Minimization, privacy by design and by default principles.

Personal data 52

Personal data GDPR e-Delivery Communications 52

IT Governance

MARCH 26, 2019

Although DPIAs (data protection impact assessments) are not a new concept, the GDPR (General Data Protection Regulation) now mandates them under certain circumstances. It’s relevant for everyone, including retail and hospitality. Common activities for retail and hospitality requiring DPIAs.

Retail 78

Retail Risk GDPR Government 78

IT Governance

JULY 25, 2018

As of 25 May 2018, organisations that use CCTV to capture images of individuals are processing personal data as defined by the GDPR (General Data Protection Regulation) and must comply with the Regulation’s requirements. To comply with the data controller’s legal obligations. Privacy notices (Article 13).

GDPR 102

GDPR Personal data Privacy Access 102

IT Governance

AUGUST 21, 2018

What steps will the ICO (Information Commissioner’s Office) take to ensure organisations comply with the recently enforced GDPR (General Data Protection Regulation)? The data included contact information, usernames and encrypted passwords. What is the cost of a data breach? Will non-complying organisations be fined?

Retail 66

Retail Data breaches GDPR Compliance 66

DLA Piper Privacy Matters

AUGUST 12, 2020

On 28 July 2020, the French Supervisory Authority (the “CNIL”) sanctioned the online shoes retail company, SPARTOO SAS, by a €250,000 fine and an injunction to comply with GDPR within 3 months under penalty for various non-compliances with the GDPR of the personal data processing related to clients, prospects and employees [1].

GDPR 93

GDPR Personal data Compliance Passwords 93

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR 91

GDPR Personal data Data collection Marketing 91

Thales Cloud Protection & Licensing

MARCH 20, 2023

Self-Sovereign Identities, The Next Step in Privacy-First User Experience divya Tue, 03/21/2023 - 06:10 There is a growing momentum around Self-Sovereign Identities (SSI) with real value to be captured by individuals, countries, and businesses. When privacy is at stake, SSI puts individuals back in control of their personal data.

Privacy 71

Privacy Blockchain Customer Experience Access 71

IT Governance

JANUARY 23, 2024

Organisation(s) Sector Location Data breached? Known records breached Naz.API (likely belonging to multiple organisations) Source (New) Unknown Unknown Yes 70,840,771 VF Corporation Source 1 ; source 2 (Update) Retail USA Yes 35,500,000 Pastelería Mozart Source (New) Hospitality Chile Yes 10,870,524 Foxsemicon Integrated Technology, Inc.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Protection Report

OCTOBER 5, 2020

On 1 October 2020, the State Commissioner for Data Protection and Freedom of Information (Landesbeauftragte für Datenschutz und Informationsfreiheit) of Hamburg (the DPA) imposed a fine of EUR 35.3 million under the GDPR against the German subsidiary of the fashion retailer H&M.

Privacy 97

Privacy Retail Data collection GDPR 97

IT Governance

AUGUST 19, 2020

The concept of data controllers and data processors has been around for years, but the roles come with clearly defined responsibilities under the GDPR (General Data Protection Regulation). In this blog, we take a close look at what a data controller and processor does and how they fit into your organisation.

GDPR 95

GDPR Personal data Compliance Privacy 95

IT Governance

JANUARY 9, 2024

Source (New) Software Luxembourg Yes 3,600,000 National Automobile Dealers Association Source (New) Retail USA Yes 1,065,000 Consórcio Canopus Source (New) Professional services Brazil Yes 1,400,000 The Teaching Company (Wondrium by The Great Courses) Source (New) Education USA Yes 1.3 TB Gräbener Maschinentechnik GmbH & Co.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

DLA Piper Privacy Matters

JANUARY 28, 2022

In this eleventh edition of the guide, we now provide an overview of privacy and data protection laws in over 100 different jurisdictions. Fully refreshed and updated for 2022 we have new jurisdictional entries that now includes Sri Lanka and the Abu Dhabi Global Market Free Zone who launched their new data protection regime last year.

GDPR 98

GDPR Privacy Data breaches Personal data 98

Hunton Privacy

JANUARY 12, 2018

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited. This decision sets the tone for companies at the dawn of the entry into force of the GDPR.

Retail 40

Retail Personal data Security GDPR 40

IT Governance

NOVEMBER 12, 2018

The impact of the GDPR (General Data Protection Regulation) in Scotland is greater than most realise. Not only does it affect the way organisations process personal data, but also extends data subjects rights in terms of how their data is processed. What is a data subject access request (DSAR)?

Access 91

Access GDPR Personal data Retail 91

Reltio

AUGUST 16, 2018

On May 25, 2018 GDPR (General Data Protection Regulation) went into effect. The primary objectives of the GDPR are to give control back to their EU citizens and residents over their personal data, to simplify the regulatory environment for international business, and to unify regulations within the European Union.

GDPR 70

GDPR MDM Compliance Personal data 70

Thales Cloud Protection & Licensing

NOVEMBER 16, 2017

Today, putting the letters ‘GDPR’ into Google will generate over 420,000 news articles, some detailing the expected impact of the regulation, and others casting doubt on businesses and their readiness. and Germany to get to grips with what they know about GDPR, and more importantly, what they don’t. A lack of trust.

GDPR 63

GDPR Retail Data breaches Financial Services 63

Thales Cloud Protection & Licensing

JUNE 24, 2021

Businesses are governed by an increasingly complex network of regulations, jurisdictions, and standards which dictate security and privacy requirements. The retail sector, especially, is a lucrative target for credential stuffing attacks , resulting in billions lost every year. Compliance with GDPR and CCPA.

Authentication 71

Authentication Compliance GDPR Personal data 71

Collibra

APRIL 11, 2023

Retail is a dynamic and competitive market. In addition to the traditional brick-and mortar-stores, the retail business today includes online and mobile stores. Every process at every stage of these stores relies on data. The right kind of data can drive great innovations in retail. What if they do not match?

Retail 73

Retail Sales Compliance Marketing 73

CGI

JUNE 6, 2018

GDPR: Navigating the differences. Two very important, but, in some respects, seemingly contradictory pieces of regulation are at the center of attention in the European financial world—the Revised Payment Services Directive (PSD2) and the General Data Protection Regulation (GDPR). What is GDPR? Data Subject”).

GDPR 40

GDPR Marketing Personal data Retail 40

IT Governance

OCTOBER 19, 2018

If these could have been used to identify individuals, this would have constituted a personal data breach under the EU GDPR (General Data Protection Regulation). However, on 15 October it said: The trust and privacy of our customers is of utmost importance to us. Insecure storage. The error took a week to resolve.

Retail 65

Retail Data breaches Personal data GDPR 65

IT Governance

MAY 7, 2024

Data breached: 6,009,014 accounts. A further 381,000 New York City public school students affected by 2022 data breach In January 2022 , personal data from around 820,000 New York City public school students, both current and former, was breached. Under the EU GDPR, the Czech supervisory authority issued a €13.9

Data breaches 59

Data breaches Education Manufacturing Retail 59

IT Governance

NOVEMBER 14, 2018

Black Friday and Cyber Monday are almost upon us, kickstarting what retailers hope will be a successful trading period. However, the flurry of purchases and the data that represents means cyber criminals will also be looking to cash in. According to McKinsey , 92% of UK shoppers are aware of Black Friday.

Retail 94

Retail Personal data GDPR Risk 94

IT Governance

JULY 1, 2020

Cyber attack on Mid-Michigan College endangers personal data of staff and students (16,000). Australian activewear retailer In Sport infected with ransomware (unknown). Just Eat customers’ details dumped in Cleveleys alley as data watchdog warns of GDPR breach (unknown). In other news….

Data breaches 140

Data breaches Ransomware Retail Personal data 140

IT Governance

JUNE 19, 2019

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) whenever processing is ‘likely to result in a high risk’ to the rights and freedoms of individuals. Damage : the effects on the individual if a data breach or privacy violation occurs.

GDPR 73

GDPR Personal data Risk Data breaches 73

IT Governance

DECEMBER 30, 2019

The second half of the year began with major data privacy news: the UK’s data protection authority, the ICO (Information Commissioner’s Office), announced its intention to fine British Airways and Marriott International a combined £282.6 million for breaching the GDPR (General Data Protection Regulation).

Data breaches 78

Data breaches Personal data GDPR Ransomware 78

DLA Piper Privacy Matters

JANUARY 15, 2021

Data Subject Access Requests – no unqualified right to documents. Due to the dates on which the DSARs had been made, the relevant legislation was in fact the Data Protection Act 1998 ( “DPA 98” ). Comparable provisions are mirrored in the new regime under the DPA 2018 and GDPR. In each case, the answer had been adequate.

Access 122

Access GDPR Personal data Retail 122

DLA Piper Privacy Matters

FEBRUARY 1, 2019

On 31 January 2019, the French Data Protection Supervisory Authority (CNIL) and the French General Directorate for Competition Policy, Consumer Affairs and Fraud Control (DGCCRF, authority in charge of consumer protection) signed a new protocol of cooperation to improve protection of personal data of consumers.

GDPR 40

GDPR Personal data B2C Retail 40

Data Matters

FEBRUARY 10, 2020

The Draft Code is intended to update existing guidance published pre-GDPR and provide clarity on certain important issues. a message informing a user they are approaching their monthly data limit). Lawful basis for direct marketing: The two lawful bases for direct marketing under the GDPR are consent and legitimate interests.

Marketing 68

Marketing GDPR Personal data Communications 68

IBM Big Data Hub

MAY 3, 2024

In November 2023, the California Privacy Protection Agency (CPPA) released a set of draft regulations on the use of artificial intelligence (AI) and automated decision-making technology (ADMT). The California Consumer Privacy Act (CCPA ), California’s landmark data privacy law, did not originally address the use of ADMT directly.

Artificial Intelligence 68

Artificial Intelligence Compliance Privacy Risk 68

HL Chronicle of Data Protection

MARCH 24, 2020

Across the world, large retail stores and small businesses alike are shutting their doors. Privacy and data protection laws everywhere regulate the ability of organisations to communicate with individuals for both service-related and promotional purposes.

Communications 45

Communications Retail Marketing Privacy 45

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Here are our ten takeaways: Covered entities. Right to be forgotten.

Privacy 40

Privacy GDPR Personal data Risk 40

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Here are our ten takeaways: Covered Entities. Right to be Forgotten.

Privacy 40

Privacy GDPR Personal data Risk 40